Hello
I tried a lot of tutorials to set up a DNS server but I always fail , The DNS not resolving from any place including the local host too
# dig ns.domain.local
Code:
; <<>> DiG 9.7.3-P3-RedHat-9.7.3-8.P3.el6_2.2 <<>> ns.domain.local
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54498
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;ns.domain.local. IN A
;; AUTHORITY SECTION:
. 7970 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2012031900 1800 900 604800 86400
;; Query time: 14 msec
;; SERVER: 192.168.1.111#53(192.168.1.111)
;; WHEN: Mon Mar 19 17:59:11 2012
;; MSG SIZE rcvd: 108
These are my configuration files :
# cat /var/named/chroot/etc/named.conf
Code:
options
{
// Put files that named is allowed to write in the data/ directory:
directory "/var/named"; // "Working" directory
dump-file "data/cache_dump.db";
statistics-file "data/named_stats.txt";
memstatistics-file "data/named_mem_stats.txt";
/*
Specify listenning interfaces. You can use list of addresses (';' is
delimiter) or keywords "any"/"none"
*/
//listen-on port 53 { any; };
listen-on port 53 { 127.0.0.1; 192.168.1.0/24; };
//listen-on-v6 port 53 { any; };
listen-on-v6 port 53 { ::1; };
/*
Access restrictions
There are two important options:
allow-query { argument; };
- allow queries for authoritative data
allow-query-cache { argument; };
- allow queries for non-authoritative data (mostly cached data)
You can use address, network address or keywords "any"/"localhost"/"none" as argument
Examples:
allow-query { localhost; 10.0.0.1; 192.168.1.0/8; };
allow-query-cache { ::1; fe80::5c63:a8ff:fe2f:4526; 10.0.0.1; };
*/
allow-query { localhost; 192.168.1.0/24; };
allow-query-cache { localhost; };
// Enable/disable recursion - recursion yes/no;
recursion yes;
/* DNSSEC related options. See information about keys ("Trusted keys", bellow) */
/* Enable serving of DNSSEC related data - enable on both authoritative
and recursive servers DNSSEC aware servers */
dnssec-enable yes;
/* Enable DNSSEC validation on recursive servers */
dnssec-validation yes;
/* Enable DLV by default, use built-in ISC DLV key. */
dnssec-lookaside auto;
};
logging
{
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "domain.local.zone" {
type master;
file "my.internal.zone.db";
allow-update { any; };
allow-transfer { any; };
allow-query { "any"; };
};
cat /var/named/chroot/var/named/domain.local.zone
Code:
$TTL 3h
@ IN SOA nsdomain.local admin.domain.local. (
1 ; Serial
3h ; Refresh after 3 hours
1h ; Retry after 1 hour
1w ; Expire after 1 week
1h ) ; Negative caching TTL of 1 day
;
@ IN NS ns.domain.local.
@ IN NS ns2.domain.local.
domain.local. IN MX 10 mail.domain.local.
domain.local. IN A 192.168.0.10
ns IN A 192.168.0.111
ns2 IN A 192.168.0.11
;www IN CNAME domain.local.
mail IN A 192.168.0.10
;ftp IN CNAME domain.local.
cat /etc/resolv.conf
Code:
nameserver 192.168.1.111
____________
any suggestions ?
